Q

Clarifying OpenSSL protocol vulnerabilities

Quote from SearchOracle.com Dec. 8 says "Oracle Corp. on Friday confirmed that a variety of its server products could be tampered with through vulnerabilities via the OpenSSL protocol." My understanding is this: The vulnerability exists if using OpenSSL protocol. If users access all databases behind firewall via intranet, then tampering can only come from internal employees. Correct?
To a point, this is correct. The OpenSSL vulnerability can only be exploited if someone has access to your database server. For these types of security reasons, many organizations place their database server behind a firewall, and rightfully so. However, application servers, which typically sit in a "De-militarized zone (DMZ)" area of the firewall, not only allow open access to the application server but also need a firewall hole poked to let the application server connect to the database. Depending on your level of security and your network configuration, it is possible for someone in the outside world to be able to exploit this security hole. For that reason, I make the appropriate security fixes for the database even if the database is inside the company's firewall.
This was first published in December 2003

Dig deeper on Oracle database design and architecture

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchDataManagement

SearchBusinessAnalytics

SearchSAP

SearchSQLServer

TheServerSide

SearchDataCenter

SearchContentManagement

SearchFinancialApplications

Close